Complacent and 'too-busy' users are responsible for the rapid spread of viruses, according to a study released Friday.

The 'nothing to do with me' mob are the major offenders, making up 90 per cent of the 1,000 UK employees surveyed. This vast majority believe that they have no part to play in preventing the spread of viruses, and that it is the responsibility of the IT department, Microsoft or the government.

Steve Brown, UK MD of network and security outfit Novell - which sponsored the report - said: "Viruses only work if there are people dumb enough to open them and pass them on."

But that's OK - almost two thirds (60 per cent) aren't aware of even the most basic virus-protection methods and one third claims to be too busy to bother - even if they knew how.

As an email recipient, being 100 per cent sure of the identity of an emailer isn't much protection - 58 per cent of your friends and colleagues will forward you spam without a thought, according to the survey.

More than half of those (over a third of the total) will already have verified their company, or their own, email address, by responding to spam.

And phishing is an concept unknown to the vast majority, though this may not matter too much to more than half of them - they can't even remember their password. Many of the rest can't wait to give it to all the world - one third write their passwords down and one in ten put it on a Post-It note on their desk.

Brown said: "We didn't know what to expect when we commissioned the survey. What surprised me was the lackadaisical attitude - most of them said that they would 'not be particularly bothered' by an attack, and only five per cent would feel bad if they helped spread it."

And he was concerned that the old chestnuts of multiple passwords and difficulties in distributing patches and updates were still a major problem. He said that education and training would gradually help to alleviate the problem, given the use of adequate systems.